package com.ctrip.framework.apollo.portal.controller;

import com.ctrip.framework.apollo.common.exception.BadRequestException;
import com.ctrip.framework.apollo.core.utils.StringUtils;
import com.ctrip.framework.apollo.portal.entity.bo.UserInfo;
import com.ctrip.framework.apollo.portal.entity.po.UserPO;
import com.ctrip.framework.apollo.portal.spi.LogoutHandler;
import com.ctrip.framework.apollo.portal.spi.UserInfoHolder;
import com.ctrip.framework.apollo.portal.spi.UserService;
import com.ctrip.framework.apollo.portal.spi.springsecurity.SpringSecurityUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;

/**
 * User Controller
 */
@RestController
public class UserInfoController {

    @Autowired
    private UserInfoHolder userInfoHolder;
    @Autowired
    private LogoutHandler logoutHandler;
    @Autowired
    private UserService userService;

    @PreAuthorize(value = "@permissionValidator.isSuperAdmin()")
    @RequestMapping(value = "/users", method = RequestMethod.POST)
    public void createOrUpdateUser(@RequestBody UserPO user) {
        // 校验 `username` `password` 非空
        if (StringUtils.isContainEmpty(user.getUsername(), user.getPassword())) {
            throw new BadRequestException("Username and password can not be empty.");
        }
        // 新增或更新 User
        if (userService instanceof SpringSecurityUserService) {
            ((SpringSecurityUserService) userService).createOrUpdate(user);
        } else {
            throw new UnsupportedOperationException("Create or update user operation is unsupported");
        }
    }

    @RequestMapping(value = "/user", method = RequestMethod.GET)
    public UserInfo getCurrentUserName() {
        return userInfoHolder.getUser();
    }

    @RequestMapping(value = "/user/logout", method = RequestMethod.GET)
    public void logout(HttpServletRequest request, HttpServletResponse response) throws IOException {
        logoutHandler.logout(request, response);
    }

    @RequestMapping(value = "/users", method = RequestMethod.GET)
    public List<UserInfo> searchUsersByKeyword(@RequestParam(value = "keyword") String keyword,
                                               @RequestParam(value = "offset", defaultValue = "0") int offset,
                                               @RequestParam(value = "limit", defaultValue = "10") int limit) {
        return userService.searchUsers(keyword, offset, limit);
    }

    @RequestMapping(value = "/users/{userId}", method = RequestMethod.GET)
    public UserInfo getUserByUserId(@PathVariable String userId) {
        return userService.findByUserId(userId);
    }

}